@swarmclawai/swarmclaw 1.5.34 → 1.5.35

package/README.md

@@ -375,6 +375,14 @@ Operational docs: https://swarmclaw.ai/docs/observability
 
 ## Releases
 
+### v1.5.35 Highlights
+
+- **Update safety: prevent DB corruption on Linux**: `npm run update:easy`, `swarmclaw update`, and the in-app update endpoint now stop the running server (or checkpoint the SQLite WAL) before rebuilding native modules, preventing the WAL journal corruption that forced some Linux users back to the setup wizard.
+- **SQLite graceful shutdown**: the server now checkpoints and closes the database on SIGTERM/SIGINT, eliminating stale WAL state after any clean stop.
+- **Doctor: detect dangling gateway credentials**: the setup doctor now flags gateway profiles that reference deleted or missing credentials, explaining the "gateway token missing" connection errors.
+- **Gateway credential resolution logging**: when a gateway credential can't be resolved, the server now logs a clear warning identifying the missing credential ID.
+- **Credential decryption error logging**: when a stored credential can't be decrypted (e.g. after `CREDENTIAL_SECRET` changes), the server now logs the credential ID and provider so users know which key to re-add.
+
 ### v1.5.34 Highlights
 
 - **Ollama Cloud auth fix**: SwarmClaw now normalizes `api.ollama.com` and `www.ollama.com` to `ollama.com` before making authenticated requests, avoiding the redirect that was dropping authorization headers and causing false provider-health/runtime failures.

package/bin/update-cmd.js

@@ -98,6 +98,29 @@ function runRegistrySelfUpdate(
   return 0
 }
 
+function stopRunningServer(logger = { log, logError }) {
+  // Stop the server gracefully before updating to prevent SQLite WAL corruption.
+  try {
+    const serverCmd = path.join(PKG_ROOT, 'bin', 'swarmclaw.js')
+    const status = execFileSync(process.execPath, [serverCmd, 'status'], {
+      encoding: 'utf-8',
+      cwd: PKG_ROOT,
+      timeout: 10_000,
+    }).trim()
+    if (status.toLowerCase().includes('running')) {
+      logger.log('Stopping running server before update...')
+      execFileSync(process.execPath, [serverCmd, 'stop'], {
+        encoding: 'utf-8',
+        cwd: PKG_ROOT,
+        timeout: 15_000,
+      })
+      logger.log('Server stopped.')
+    }
+  } catch {
+    // Server may not be running or status command unavailable — continue.
+  }
+}
+
 function main(args = process.argv.slice(3)) {
   if (args.includes('-h') || args.includes('--help')) {
     console.log(`
@@ -112,9 +135,12 @@ If running from a registry install, update the global package with its owning pa
   try {
     run('git rev-parse --git-dir')
   } catch {
+    stopRunningServer()
     process.exit(runRegistrySelfUpdate())
   }
 
+  stopRunningServer()
+
   const beforeRef = run('git rev-parse HEAD')
   const beforeSha = run('git rev-parse --short HEAD')
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@swarmclawai/swarmclaw",
-  "version": "1.5.34",
+  "version": "1.5.35",
   "description": "Build and run autonomous AI agents with OpenClaw, Hermes, multiple model providers, orchestration, delegation, memory, skills, schedules, and chat connectors.",
   "license": "MIT",
   "publishConfig": {

package/scripts/easy-update.mjs

@@ -1,5 +1,7 @@
 #!/usr/bin/env node
 
+import fs from 'node:fs'
+import path from 'node:path'
 import { spawnSync } from 'node:child_process'
 
 const args = new Set(process.argv.slice(2))
@@ -68,12 +70,33 @@ function getLatestStableTag() {
   return tags.find((tag) => RELEASE_TAG_RE.test(tag)) || null
 }
 
+function stopRunningServer() {
+  // Try to stop the SwarmClaw server gracefully before updating.
+  // An unclean shutdown while npm rebuild replaces native modules
+  // can corrupt the SQLite WAL journal on Linux.
+  const cliPath = path.join(cwd, 'bin', 'swarmclaw.js')
+  if (!fs.existsSync(cliPath)) return
+
+  const status = run('node', [cliPath, 'status'])
+  if (!status.ok || !status.out.toLowerCase().includes('running')) return
+
+  log('Stopping running SwarmClaw server before update...')
+  const stop = run('node', [cliPath, 'stop'])
+  if (stop.ok) {
+    log('Server stopped.')
+  } else {
+    log('Could not stop the server automatically. Please stop it manually before updating.')
+  }
+}
+
 function main() {
   const gitCheck = run('git', ['rev-parse', '--is-inside-work-tree'])
   if (!gitCheck.ok) {
     fail('This folder is not a git repository. Automatic updates require git.')
   }
 
+  stopRunningServer()
+
   const dirty = run('git', ['status', '--porcelain'])
   const isDirty = !!dirty.out
   if (isDirty && !allowDirty) {

package/src/app/api/setup/doctor/route.ts

@@ -3,7 +3,7 @@ import path from 'node:path'
 import { spawnSync } from 'node:child_process'
 import { NextResponse } from 'next/server'
 import { DATA_DIR } from '@/lib/server/data-dir'
-import { loadAgents, loadCredentials, loadSettings } from '@/lib/server/storage'
+import { loadAgents, loadCredentials, loadSettings, loadCollection } from '@/lib/server/storage'
 import { dedup, errorMessage } from '@/lib/shared-utils'
 import { detectDocker } from '@/lib/server/sandbox/docker-detect'
 
@@ -160,6 +160,7 @@ export async function GET(req: Request) {
   }
 
   const credentials = Object.values(loadCredentials() || {})
+  const credentialIds = new Set(credentials.map((c) => (c as Record<string, unknown>).id as string).filter(Boolean))
   if (credentials.length > 0) {
     pushCheck(checks, 'credentials', 'Credentials', 'pass', `${credentials.length} credential(s) saved.`)
   } else {
@@ -167,6 +168,35 @@ export async function GET(req: Request) {
     actions.push('If using cloud providers, add an API key in the setup wizard or Settings → Providers.')
   }
 
+  // Check for undecryptable credentials (CREDENTIAL_SECRET may have changed)
+  if (credentials.length > 0) {
+    try {
+      const { resolveCredentialSecret } = await import('@/lib/server/credentials/credential-service')
+      let undecryptable = 0
+      for (const cred of credentials) {
+        const c = cred as Record<string, unknown>
+        if (c.encryptedKey && !resolveCredentialSecret(c.id as string)) undecryptable++
+      }
+      if (undecryptable > 0) {
+        pushCheck(checks, 'credential-decrypt', 'Credential decryption', 'fail',
+          `${undecryptable} of ${credentials.length} credential(s) cannot be decrypted. CREDENTIAL_SECRET may have changed since these keys were stored.`, true)
+        actions.push('Your CREDENTIAL_SECRET changed (possibly from a container restart). Re-add your API keys in Settings → Providers.')
+      }
+    } catch { /* best-effort */ }
+  }
+
+  // Check for dangling credential references in gateway profiles
+  try {
+    const gateways = Object.values(loadCollection('gateway_profiles') || {}) as Array<Record<string, unknown>>
+    const dangling = gateways.filter((gw) => gw.credentialId && !credentialIds.has(gw.credentialId as string))
+    if (dangling.length > 0) {
+      const names = dangling.map((gw) => gw.name || gw.id).join(', ')
+      pushCheck(checks, 'gateway-credentials', 'Gateway credential references', 'warn',
+        `${dangling.length} gateway profile(s) reference missing credentials: ${names}. This causes "gateway token missing" errors.`)
+      actions.push('Re-add the missing API key in Settings → Gateways, or update the gateway profile to use an existing credential.')
+    }
+  } catch { /* best-effort */ }
+
   const optionalBinaries: Array<{ id: string; label: string; command: string }> = [
     { id: 'claude-cli', label: 'Claude Code CLI', command: 'claude' },
     { id: 'codex-cli', label: 'OpenAI Codex CLI', command: 'codex' },

package/src/app/api/version/update/route.ts

@@ -1,5 +1,6 @@
 import { NextResponse } from 'next/server'
 import { execSync } from 'child_process'
+import { getDb } from '@/lib/server/storage'
 
 const RELEASE_TAG_RE = /^v\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$/
 
@@ -7,6 +8,19 @@ function run(cmd: string): string {
   return execSync(cmd, { encoding: 'utf-8', cwd: process.cwd(), timeout: 60_000 }).trim()
 }
 
+/**
+ * Checkpoint the SQLite WAL before operations that replace native modules
+ * (npm install rebuilds better-sqlite3). Without this, an unclean WAL state
+ * combined with a replaced native binary can corrupt the database on Linux.
+ */
+function checkpointDatabase(): void {
+  try {
+    getDb().pragma('wal_checkpoint(TRUNCATE)')
+  } catch {
+    // Best-effort — the database may already be in a good state.
+  }
+}
+
 function getLatestStableTag(): string | null {
   const tags = run(`git tag --list 'v*' --sort=-v:refname`)
     .split('\n')
@@ -67,6 +81,9 @@ export async function POST() {
     try {
       const diff = run(`git diff --name-only ${beforeSha}..HEAD`)
       if (diff.includes('package-lock.json') || diff.includes('package.json')) {
+        // Checkpoint WAL before npm install — the postinstall hook rebuilds
+        // better-sqlite3's native module, which can corrupt an open WAL journal.
+        checkpointDatabase()
         run('npm install --omit=dev')
         installedDeps = true
       }

package/src/lib/server/credentials/credential-service.ts

@@ -9,6 +9,9 @@ import {
   loadCredentials,
   saveCredential,
 } from '@/lib/server/credentials/credential-repository'
+import { log } from '@/lib/server/logger'
+
+const TAG = 'credential-service'
 
 export type CredentialSummary = Pick<Credential, 'id' | 'provider' | 'name' | 'createdAt'>
 
@@ -55,7 +58,12 @@ export function resolveCredentialSecret(credentialId: string | null | undefined)
   if (!credential?.encryptedKey) return null
   try {
     return decryptKey(credential.encryptedKey)
-  } catch {
+  } catch (err) {
+    log.warn(TAG, `Failed to decrypt credential "${id}" — CREDENTIAL_SECRET may have changed since this key was stored. Re-add the API key to fix.`, {
+      credentialId: id,
+      provider: credential.provider,
+      error: err instanceof Error ? err.message : String(err),
+    })
     return null
   }
 }

package/src/lib/server/openclaw/gateway.ts

@@ -81,7 +81,14 @@ function normalizeWsUrl(raw: string): string {
 }
 
 function resolveTokenForCredential(credentialId?: string | null): string | undefined {
-  return resolveCredentialSecret(credentialId) || undefined
+  if (!credentialId) return undefined
+  const secret = resolveCredentialSecret(credentialId)
+  if (!secret) {
+    log.warn(TAG, `Credential "${credentialId}" is referenced but could not be resolved — gateway connection will lack a token`, {
+      credentialId,
+    })
+  }
+  return secret || undefined
 }
 
 export function resolveGatewayConfig(target?: {

package/src/lib/server/storage.ts

@@ -94,6 +94,21 @@ if (!IS_BUILD_BOOTSTRAP) {
 }
 db.pragma('foreign_keys = ON')
 
+// Graceful shutdown: checkpoint WAL and close the database to prevent
+// corruption when the process is killed (e.g. during npm run update:easy).
+if (!IS_BUILD_BOOTSTRAP) {
+  const shutdownDb = () => {
+    try {
+      db.pragma('wal_checkpoint(TRUNCATE)')
+      db.close()
+    } catch {
+      // Best-effort — process is exiting.
+    }
+  }
+  process.on('SIGTERM', shutdownDb)
+  process.on('SIGINT', shutdownDb)
+}
+
 /** Run a function inside an immediate SQLite transaction for atomicity. */
 export function withTransaction<T>(fn: () => T): T {
   const wrapped = db.transaction(fn)